Lucene search

8 matches found

EUVD
added 2026/01/20 4:29 p.m. | 2 views

EUVD-2025-206301

WeasyPrint has a Server-Side Request Forgery (SSRF) Protection Bypass via HTTP Redirect...

CVSS 7.5 | AI score 5.3 | EPSS 0.00022
Exploits: 2 | References: 3
NVD
added 2026/01/19 4:15 p.m. | 1 views

CVE-2025-68616

WeasyPrint helps web developers to create PDF documents. Prior to version 68.0, a server-side request forgery (SSRF) protection bypass exists in WeasyPrint's default_url_fetcher. The vulnerability allows attackers to access internal network resources such as localhost services or cloud metadata...

CVSS 7.5 | EPSS 0.00022
Exploits: 2 | References: 2
Snyk
added 2026/01/19 3:48 p.m. | 2 views

Server-side Request Forgery (SSRF)

Overview: weasyprint is The Awesome Document Factory. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the default_url_fetcher function. An attacker can access internal network resources by exploiting automatic HTTP redirects that are not re-validated against...

CVSS 7.5 | AI score 5.6 | EPSS 0.00022
Exploits: 2 | References: 2
CVE
added 2026/01/19 3:20 p.m. | 13 views

CVE-2025-68616

WeasyPrint CVE-2025-68616 describes a Server-Side Request Forgery (SSRF) protection bypass in the default_url_fetcher, allowing redirects via urllib to reach internal resources (e.g., localhost or cloud metadata) even when a developer blocks access with a custom url_fetcher. The issue affects Wea...

CVSS 7.5 | AI score 5.5 | EPSS 0.00022
Exploits: 2 | References: 2 | Affected Software: 1
Tenable Nessus
added 2019/09/17 12:0 a.m. | 262 views

Mozilla Thunderbird < 68.0

The version of Thunderbird installed on the remote Windows host is prior to 68.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-28 advisory. - Until explicitly accessed by script, window.globalThis is not enumerable and, as a result, is not visible to code...

CVSS 9.8 | AI score 7.8 | EPSS 0.18406
Exploits: 6 | References: 20
ALT Linux
added 2019/08/29 12:0 a.m. | 34 views

Security fix for the ALT Linux 10 package thunderbird version 68.0-alt1

Aug. 29, 2019 Andrey Cherepanov 68.0-alt1 - New version 68.0. - Fixed: + CVE-2019-9811 Sandbox escape via installation of malicious language pack + CVE-2019-11711 Script injection within domain through inner window reuse + CVE-2019-11712 Cross-origin POST requests can be made with NPAPI plugins b...

CVSS 7.5 | AI score 10.1 | EPSS 0.18406
Exploits: 5
Tenable Nessus
added 2019/07/15 12:0 a.m. | 9 views

Fedora 30 : firefox (2019-a1b709fca0)

New upstream version 68.0 - Release notes at https://www.mozilla.org/en-US/firefox/68.0/releasenotes/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much...

AI score 5.5
Exploits: 0 | References: 2
Tenable Nessus
added 2019/07/11 12:0 a.m. | 49 views

Mozilla Firefox < 68.0

The version of Firefox installed on the remote Windows host is prior to 68.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2019-21 advisory. - Until explicitly accessed by script, window.globalThis is not enumerable and, as a result, is not visible to code such ...

CVSS 9.8 | AI score 7.8 | EPSS 0.18406
Exploits: 7 | References: 22